I get your point about adding extra attack surface, but my thought was SSL has a fairly narrow and heavily tested attack surface compared to whatever signed/secured format is used. (i.e. an attacker could send unsigned malformed pages/packages to attack B2G.)
And actually the phones SSL stack will be exposed to attack every time the browser app visits a website, so this isn't adding any attack surface. On Mar 22, 2012, at 9:03 PM, Kevin Chadwick wrote: > On Thu, 22 Mar 2012 12:50:33 +1100 > ptheriault wrote: > >> 1. I can't think of any reason not to deploy privileged applications over >> SSL, and the more strict the better (HSTS, limited certs, additional checks >> etc) > > > I offer SSL on for example mail servers. It gripes me that companies > like Yahoo and hotmail offer ssl to clients but don't use it on their > MTAs. False sense of security or what. > > > However, if an app is signed or already secured then what is the SSl > doing apart from adding extra exploitability to the servers. OpenSSL > has had exploits too and actually increases the attack surface. Of > course the server may already have SSL for other things like logging > in, in which case the point may be mute. > > Trust me, I'm definately all for defence in depth, but is it actually > adding cracks by adding more bricks in this case? On the other hand, if > using externally signed packages, will it matter if the server is > compromised via SSL anyway? The most important thing to get right > will obviously be the key creation/handling/issuing policy. > _______________________________________________ > dev-security mailing list > dev-security@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
